If someone's Electrum Wallet connected to one of those servers, and tried to send a BTC transaction, they would see an official-looking message telling them to update their Electrum Wallet, along with a scam URL.

ADVICE: Ignore any "update" notifications in Electrum. I'm not 100% certain, but if you never downloaded the "update", your wallet & funds should be ok. As for usage, I'd personally avoid using Electrum wallet for a few days, until the devs figure everything out (the vulnerability hasn't been fully plugged yet).

Technically speaking, even though the term 'hacked' is broad, what happened was an attacker utilized the server response/messaging capability to phish users (it was more convincing because rich text was allowed to display in the electrum client). The message provided a link to "upgrade electrum", but was actually installing a malicious clone.

The attacker amplified their reach by spinning up more malicious servers, which could loosely be considered a Sybil attack.

People using the correct wallet software and not clicking any links are unaffected. Electrum was no more "hacked" than Gmail is hacked every time one of their users is sent a phishing email.

Wait, when you connect a standard electrum client, doesn't it just connect to "electrum authorized servers"? Or does it connect you to a peer-to-peer network and you are randomly assigned a remote node somewhere? I am confused as to why you would connect to this remote node in the first place?

You can specify a specific server to connect to, but by default, it connects to a random peer. There are no "authorized servers". By design, they cannot interfere with bitcoin transactions made by clients except: 1) lie about account balances and 2) not relay a valid transaction to the rest of the network. The problem here is its messaging capability that communicates directly with its connected clients. There is no authenticity of any messages created by any stratum servers - only what the manager of that server wants to say.
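As an added illustration (not part of the thread and not Electrum's own code), this sketch shows a wallet client treating server-supplied message text as untrusted: markup is dropped, anything that looks like a link is removed, and the result is escaped and labelled before display. The function names, the length cap and the sample message are assumptions made up for the example.

```python
import html
import re
from html.parser import HTMLParser

MAX_LEN = 200  # assumed cap on how much server text is ever shown
# Scheme-style URLs and bare host names; over-matching is acceptable here.
URL_RE = re.compile(
    r"(?i)\b(?:[a-z][a-z0-9+.-]*://\S+|(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?)")

class _TextOnly(HTMLParser):
    """Keeps text nodes only; tags and attributes (href etc.) are discarded."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []
    def handle_starttag(self, tag, attrs):
        self.parts.append(" ")   # keep words apart where a tag stood
    def handle_endtag(self, tag):
        self.parts.append(" ")
    def handle_data(self, data):
        self.parts.append(data)

def to_plain_text(raw: str) -> str:
    """Reduce an untrusted server message to short, link-free plain text."""
    parser = _TextOnly()
    parser.feed(raw)
    parser.close()               # flush text buffered by the parser
    text = "".join(parser.parts)
    # Replace control and invisible formatting characters with spaces.
    text = "".join(ch if ch.isprintable() else " " for ch in text)
    text = URL_RE.sub("[link removed]", text)
    return " ".join(text.split())[:MAX_LEN]

def display_markup(raw: str) -> str:
    """Escaped string that is safe to hand to a rich-text capable widget."""
    return "Server message (unverified): " + html.escape(to_plain_text(raw))

# Constructed sample of a server error carrying markup and a link.
SAMPLE = ('<b>Security update required.</b><br>Download the new version from '
          '<a href="https://wallet-update.example/dl">'
          'https://wallet-update.example/dl</a>')

if __name__ == "__main__":
    print(display_markup(SAMPLE))
```
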

Just questions in general: Is this a design challenge of a decentralized system? If someone injects some nodes, will the system be compromised? Can they just show up and serve? I remember that in one episode of Silicon Valley they had an ICO, and they tried to gain control by controlling more nodes.

ALWAYS bookmark the official updates/releases page on electrum.org, along with crypto exchanges and sites. Never enter URLs manually because of typosquatting. Always bookmark and use due diligence.

Yeah - this is the other part of crypto that sucks bad and not many people talk about. Even if your shitcoin makes it and you get a fat stack somehow, that's probably the one with a glitch of some sort that costs you your coin and then gets blamed on you anyway for running a vulnerable system....

I'm looking at you, masternode coins with staking Qts and no security guidance...not everyone knows how the Qt works.

If you can't get on a hardware wallet, please encrypt and password protect your Qt. You won't think it can happen until you see it, and then it's too late and you will be upset, hurt, want to quit crypto and feel like really really low - and also not know how the fuck it even happened and end up wiping all your other systems to try and reset and will probably end up back at the Qt afraid to stake those coins.

Man that sucks for the people that got hacked. There obviously was a handful of red flags (i.e. being asked for your 2FA/passphrase when starting the client), but still...The attack almost seems like it's too...easy. All the more reason to use a hardware wallet!